webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2025-08-03 Ultimate Member WordPress Plugin 2.6.6 – Privilege Escalation
  • webapps
    		•  Gurjot Singh
    2025-08-03 LPAR2RRD 8.04 – Remote Code Execution (RCE)
  • webapps
    		•  Byte Reaper
    2025-08-03 Copyparty 1.18.6 – Reflected Cross-Site Scripting (XSS)
  • webapps
    		•  Byte Reaper
    2025-08-03 Gandia Integra Total 4.4.2236.1 – SQL Injection
  • webapps
    		•  Byte Reaper
    2025-07-28 Adobe ColdFusion 2023.6 – Remote File Read
  • webapps
    		•  İbrahimsql
    2025-07-28 Mezzanine CMS 6.1.0 – Stored Cross Site Scripting (XSS)
  • webapps
    		•  Kevin Dicks
    2025-07-28 XWiki 14 – SQL Injection via getdeleteddocuments.vm
  • webapps
    		•  Byte Reaper
    2025-07-28 Invision Community 4.7.20 – (calendar/view.php) SQL Injection
  • webapps
    		•  Egidio Romano
    2025-07-22 Pie Register WordPress Plugin 3.7.1.4 – Authentication Bypass to RCE
  • webapps
    		•  Md Amanat Ullah (xSwads)
    2025-07-22 Simple File List WordPress Plugin 4.2.2 – File Upload to RCE
  • webapps
    		•  Md Amanat Ullah (xSwads)
    2025-07-22 LiveHelperChat 4.61 – Stored Cross Site Scripting (XSS) via Department Assignment Alias Nick Field
  • webapps
    		•  Manojkumar J
    2025-07-22 LiveHelperChat 4.61 – Stored Cross Site Scripting (XSS) via the Chat Transfer Function
  • webapps
    		•  Manojkumar J
    2025-07-22 LiveHelperChat 4.61 – Stored Cross Site Scripting (XSS) via Personal Canned Messages
  • webapps
    		•  Manojkumar J
    2025-07-22 LiveHelperChat 4.61 – Stored Cross Site Scripting (XSS) via Facebook Integration Page Name Field
  • webapps
    		•  Manojkumar J
    2025-07-22 LiveHelperChat 4.61 – Stored Cross Site Scripting (XSS) via Operator Surname
  • webapps
    		•  Manojkumar J
    2025-07-22 LiveHelperChat 4.61 – Stored Cross Site Scripting (XSS) via Telegram Bot Username
  • webapps
    		•  Manojkumar J
    2025-07-22 Discourse 3.1.1 – Unauthenticated Chat Message Access
  • webapps
    		•  İbrahimsql
    2025-07-22 Joomla JS Jobs plugin 1.4.2 – SQL injection
  • webapps
    		•  Adam Wallwork
    2025-07-16 WP Publications WordPress Plugin 1.2 – Stored XSS
  • webapps
    		•  Zeynalxan Quliyev
    2025-07-16 White Star Software Protop 4.4.2-2024-11-27 – Local File Inclusion (LFI)
  • webapps
    		•  Imraan Khan (Lich-Sec)
    2025-07-16 SugarCRM 14.0.0 – SSRF/Code Injection
  • webapps
    		•  Egidio Romano
    2025-07-16 Langflow 1.2.x – Remote Code Execution (RCE)
  • webapps
    		•  Raghad Abdallah Al-syouf
    2025-07-16 PivotX 3.0.0 RC3 – Remote Code Execution (RCE)
  • webapps
    		•  HayToN
    2025-07-08 Discourse 3.2.x – Anonymous Cache Poisoning
  • webapps
    		•  İbrahimsql